Zum Inhalt wechseln

Als Gast hast du nur eingeschränkten Zugriff!


Anmelden 

Benutzerkonto erstellen

Du bist nicht angemeldet und hast somit nur einen sehr eingeschränkten Zugriff auf die Features unserer Community.
Um vollen Zugriff zu erlangen musst du dir einen Account erstellen. Der Vorgang sollte nicht länger als 1 Minute dauern.

  • Antworte auf Themen oder erstelle deine eigenen.
  • Schalte dir alle Downloads mit Highspeed & ohne Wartezeit frei.
  • Erhalte Zugriff auf alle Bereiche und entdecke interessante Inhalte.
  • Tausche dich mich anderen Usern in der Shoutbox oder via PN aus.
 

   

Foto

Vulnbase 2015 by 404

- - - - -

  • Bitte melde dich an um zu Antworten
2 Antworten in diesem Thema

#1
Ch!ller

Ch!ller

    Shinigami

  • SubMod
  • PIPPIPPIPPIPPIPPIPPIPPIPPIPPIP
  • Likes
    955
  • 896 Beiträge
  • 1384 Bedankt
  • Spender
  • verifiziert

bestehend aus einer sql file das man improtieren muss, und einer PHP file in der paat sachen geändert werden müssen

<?php	
	error_reporting (0);
    session_start();
	ob_start();
	
	if (file_exists ('import.sql')) {
	    echo "importiere erst \"import.sql\" in die datenbank und lösche es anschließend!";
		exit();
	}
	
    $db = mysqli_connect ('localhost', 'root', 'e4f3fac624', 'vulnbase2') or die (mysqli_connect_error ()); mysqli_set_charset ($db, 'utf8');
	$vs = "2.0";
	
	$rk = "9Xsß2";
	$lm = array ('login' => 'ja', 'pass' => 'passwort'); //Login Module ja/nein = an/aus
	
	if (isset ($_SESSION['ab'])) {
		header ('Location: https://www.youtube.com/watch?v=Hdz8k0SZIfk;');
		exit();
	}
?>
<!DOCTYPE html>
<html>
<head>
    <title>VULNBASE - v.<?php echo $vs; ?></title>
	<meta charset="utf8 "/>
	<style>html {background:#ededed;} body {background:#fff;width:980px;margin:auto;color:#3b3b3b;font:13px verdana;} a {text-decoration:none;} .head {height:70px;line-height:70px;background:#3b3b3b;padding-left:20px;font-size:19px;letter-spacing:3px;text-transform:uppercase;color:#fff;cursor:default;} .head a {font-weight:bold;color:#fff;} .cont {padding:10px 20px;border-right:1px solid #b4b4B4;border-left:1px solid #b4b4B4;border-bottom:1px solid #b4b4B4;} .frig {float:right;} .bord {border-bottom:1px solid #b4b4B4;margin:10px 0px;} form {margin:10px 0px;} input, select, textarea {border: 1px solid #b4b4b4;padding:3px;} select, input[type=submit] {padding:2px;cursor:pointer;} input[type=text] {width:350px;} input[type=submit] {background:#f0f0f0;} .stat {cursor:default;} textarea {resize:none;width:350px;height:100px;} .tabl {display:table-row;height:35px;} .cell {border-right:1px solid #bfbfbf;display:table-cell;width:120px;} .cellu {display:table-cell;width:410px;padding-left:10px;} .cellu a {color:#000;} .cellu input {width:290px;} .cello {display:table-cell;width:30px;color:#000;border-right:1px solid #bfbfbf;} .tm {text-align:center} .srch {display:inline;margin:0px;} .post {margin:auto;} .post textarea {width:99%;height:90px;} .post a {color:#000;}</style>
</head>

<body>
    <div class="head">
	    <a href="index.php">vulnbase</a> - v.<?php echo $vs; ?>
	</div>
	<div class="cont">
<?php
    if ($lm['login'] == "nein" || isset ($_SESSION['lm']) && $_SESSION['lm'] == $lm['pass']) {
?>
	    <div class="stat">
<?php
	$sa = mysqli_num_rows (mysqli_query ($db, 'SELECT * FROM vulns'));
    $ss = mysqli_num_rows (mysqli_query ($db, 'SELECT * FROM vulns WHERE `typ` = "1"'));
    $sx = mysqli_num_rows (mysqli_query ($db, 'SELECT * FROM vulns WHERE `typ` = "2"'));
    $sr = mysqli_num_rows (mysqli_query ($db, 'SELECT * FROM vulns WHERE `typ` = "3"'));
    $sp = mysqli_num_rows (mysqli_query ($db, 'SELECT * FROM vulns WHERE `post` != "0"'));
?>
	        Statistiken: <?php echo $ss; ?> SQLi | <?php echo $sx; ?> XSS | <?php echo $sr; ?> RCE | d.v. <?php echo $sp; ?> POST
		    <span class="frig"><?php echo $sa; ?> Einträge</span>
		</div>
		<div class="bord"></div>
		Einen neuen Eintrag anlegen:
		<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
		    <input type="text" name="url" placeholder="http://target.com/" />
			<select name="typ">
			    <option value="1">SQLi</option>
				<option value="2">XSS</option>
				<option value="3">RCE</option>
			</select>
			<input type="submit" name="ins" value="Eintragen" /><p/>
			POST Vulnerability? (Ansonsten leer lassen):<p/>
			<textarea name="post" placeholder="&parameter= ..."></textarea>
		</form>
<?php
    if (isset ($_POST['ins']) && !empty ($_POST['url']) && !empty ($_POST['typ'])) {

		$url = mysqli_real_escape_string ($db, htmlspecialchars ($_POST['url'], ENT_QUOTES));
		$typ = intval ($_POST['typ']);
		$datum = date ('d.m.y');
		
		$xml = simplexml_load_file ('http://data.alexa.com/data?cli=10&dat=snbamz&url='.$url);
		$rank = isset ($xml->SD[1]->POPULARITY)?$xml->SD[1]->POPULARITY->attributes()->TEXT:0;
		$cour = strlen ($rank);
		
		if ($cour > 4) {
		    $rank = substr ($rank, 0, 4)."+";
		}
		
	    if (!empty ($_POST['post'])) {
		    $post = mysqli_real_escape_string ($db, htmlentities ($_POST['post']));
			$sql = "INSERT INTO vulns (`typ`, `datum`, `rank`, `system`, `url`, `post`) VALUES ('$typ', '$datum', '$rank', 'linux', '$url', '$post')";
		}
		else {
			$sql = "INSERT INTO vulns (`typ`, `datum`, `rank`, `system`, `url`, `post`) VALUES ('$typ', '$datum', '$rank', 'linux', '$url', '0')";
		}
		
		$exe = mysqli_query ($db, $sql) or die (mysqli_error ($db));
		header ('Location: index.php');
		exit();
	}
?>
		<div class="bord"></div>
		<form action="<?php $_SERVER['PHP_SELF']; ?>" style="width:200px;display:inline;" method="get">
		    <select name="f">
			    <option value="0" selected>Neu</option>
			    <option value="1">Typ</option>
			    <option value="2">Datum</option>
			    <option value="3">Rank</option>
			    <option value="4">System</option>
			    <option value="5">POST</option>
			</select>
			<input type="submit" value="Filter anwenden" />
		</form>
<?php
	if (isset ($_GET['f']) && is_numeric ($_GET['f'])) {
	    $f = intval($_GET['f']);
		
		switch ($f) {
		    case "0":
			    $f = "id DESC";
				break;
		    case "1":
			    $f = "typ";
				break;
		    case "2":
			    $f = "datum";
				break;
		    case "3":
			    $f = "rank";
				break;
		    case "4":
			    $f = "typ";
				break;
		    case "5":
			    $f = "post DESC";
				break;
			default:
			    $f = "id DESC";
		}
	}
	else {
	    $f = "id DESC";
	}
?>
		<form action="" method="post" class="srch frig">
			<input type="text" name="sb" placeholder="Suchbegriff eingeben ..." />
			<input type="submit" name="s" value="Suchen" />
		</form>
		<div style="clear:both;"></div>
		<div class="bord"></div>
<?php
        if (isset ($_POST['sb']) && !empty ($_POST['s'])) {
			$sb = mysqli_real_escape_string ($db, htmlspecialchars ($_POST['sb'], ENT_QUOTES));
		    $sql = "SELECT * FROM vulns WHERE `url` LIKE '%$sb%'";
			$exe = mysqli_query ($db, $sql) or die (mysqli_error ($db));
			
			if (mysqli_num_rows ($exe) > 0) {
				$row = mysqli_fetch_array ($exe);
				switch ($row['typ']) {
			    	case "1":
						$typ = "SQLi";
						break;
			   		case "2":
						$typ = "XSS";
						break;
			    	case "3":
						$typ = "RCE";
						break;
			    	default:
						$typ = "???";
				}
?>
		<div class="tabl">
		    <a href="?l=<?php echo $row['id']; ?>" onclick="return confirm('Eintrag wirklich entfernen?');" class="cello">[L]</a>
		    <span class="cell tm">Typ: <?php echo $typ; ?></span>
		    <span class="cell tm"><?php echo $row['datum']; ?></span>
		    <span class="cell tm">Rank: <?php echo $row['rank']; ?></span>
		    <span class="cell tm">System: <?php echo $row['system']; ?></span>
		    <span class="cellu">
			    URL: <input type="text" onclick="this.select();" value="<?php echo $row['url']; ?>" />
<?php
				if ($row['post'] != "0") {
?>
				<a href="?p=<?php echo $row['id']; ?>">POST Data</a>
<?php
				}
?>
			</span>
		</div>
		<div class="bord" style="margin-top:0px;"></div>
<?php
			}
		}
        if (isset ($_GET['p']) && is_numeric ($_GET['p'])) {
		    $pid = intval ($_GET['p']);
			$sql = "SELECT * FROM vulns WHERE `id` = '$pid' AND `post` != '0'";
			
			if (mysqli_num_rows (mysqli_query ($db, $sql)) > 0) {
				$exe = mysqli_query ($db, $sql) or die (mysqli_error ($db));
				$row = mysqli_fetch_array ($exe);
?>
		<div class="post">
		    POST Data von <?php echo $row['url']; ?>
			<a href="index.php" class="frig">[CLOSE]</a><p/>
		    <textarea onclick="this.select();"><?php echo $row['post']; ?></textarea>
		<div class="bord"></div>
		</div>
<?php
			}
			else {
				header ('Location: index.php');
				exit();
			}
        }
    if ($sa > 0) {
        $sql = "SELECT * FROM vulns ORDER BY $f";
		$exe = mysqli_query ($db, $sql) or die (mysqli_error ($db));
		
		while ($row = mysqli_fetch_array ($exe)) {
		    switch ($row['typ']) {
			    case "1":
					$typ = "SQLi";
					break;
			    case "2":
					$typ = "XSS";
					break;
			    case "3":
					$typ = "RCE";
					break;
			    default:
					$typ = "???";
			}
?>
		<div class="tabl">
		    <a href="?l=<?php echo $row['id']; ?>" onclick="return confirm('Eintrag wirklich entfernen?');" class="cello">[L]</a>
		    <span class="cell tm">Typ: <?php echo $typ; ?></span>
		    <span class="cell tm"><?php echo $row['datum']; ?></span>
		    <span class="cell tm">Rank: <?php echo $row['rank']; ?></span>
		    <span class="cell tm">System: <?php echo $row['system']; ?></span>
		    <span class="cellu">
			    URL: <input type="text" onclick="this.select();" value="<?php echo $row['url']; ?>" />
<?php
        if ($row['post'] != "0") {
?>
				<a href="?p=<?php echo $row['id']; ?>">POST Data</a>
<?php
        }
?>
			</span>
		</div>
<?php
        }
        if (isset ($_GET['l']) && is_numeric ($_GET['l'])) {
		    $id = intval ($_GET['l']);

		    if (mysqli_num_rows (mysqli_query ($db, "SELECT * FROM vulns WHERE `id` = '$id'")) > 0) {
				$sql = "DELETE FROM vulns WHERE `id` = '$id'";  
				$exe = mysqli_query ($db, $sql) or die (mysqli_error ($db));
				header ('Location: index.php');
				exit();
			}
			else {
				header ('Location: index.php');
				exit();
			}
		}
    }
	else {
	    echo "Keine Einträge vorhanden.";
	}
    }
	elseif ($lm['login'] == "ja") {
?>
	    <div class="stat">
	        [LM] Bitte anmelden:
		    <span class="frig">Hallo: <?php echo php_uname('n'); ?> | <?php echo $_SERVER['REMOTE_ADDR']; ?></span>
		</div>
		<div class="bord"></div>
		<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
		    <input type="text" name="pass" placeholder="Passwort eingeben ..." />
			<input type="submit" name="l" value="Login" />
		</form>
<?php  
        if (isset ($_POST['l']) && !empty ($_POST['pass'])) {
			$pass = mysqli_real_escape_string ($db, htmlspecialchars ($_POST['pass'], ENT_QUOTES));
			
			if ($pass == $lm['pass']) {
				$_SESSION['lm'] = $pass;
				header ('Location: index.php');
				exit();
			}
			else {
			    $_SESSION['ab'] = "kid";
				header ('Location: https://www.youtube.com/watch?v=Hdz8k0SZIfk;');
				exit();
			}
			
		}
    }
	else {
	    exit ('error: login modul');
	}
?>
        <div class="bord"></div>
<?php
    if ($lm['login'] == "ja") {
	    echo "SAFE MODE = on";
	    if (isset ($_SESSION['lm']) && $_SESSION['lm'] == $lm['pass']) {
		    echo " | <a href=\"?out\" style=\"color:#000;\">Abmelden</a>";
			if (isset ($_GET['out'])) {
			    session_destroy();
				session_unset();
				header ('Location: index.php');
				exit();
			}
		}
	}
	elseif ($lm['login'] == "nein") { 
	    echo "SAFE MODE = off";
	}
?>
		<span class="frig">made with ❤ by 404</span>
	</div>
</body>
</html>

 

-- phpMyAdmin SQL Dump
-- version 4.2.11
-- http://www.phpmyadmin.net
--
-- Host: 127.0.0.1
-- Erstellungszeit: 28. Jan 2015 um 20:52
-- Server Version: 5.6.21
-- PHP-Version: 5.6.3

SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";


/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;

--
-- Datenbank: `vulnbase2`
--

-- --------------------------------------------------------

--
-- Tabellenstruktur für Tabelle `vulns`
--

CREATE TABLE IF NOT EXISTS `vulns` (
`id` int(4) NOT NULL,
  `typ` int(1) NOT NULL,
  `datum` varchar(8) NOT NULL,
  `rank` varchar(5) NOT NULL,
  `system` varchar(30) NOT NULL,
  `url` varchar(65) NOT NULL,
  `post` text NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;

--
-- Indizes der exportierten Tabellen
--

--
-- Indizes für die Tabelle `vulns`
--
ALTER TABLE `vulns`
 ADD PRIMARY KEY (`id`);

--
-- AUTO_INCREMENT für exportierte Tabellen
--

--
-- AUTO_INCREMENT für Tabelle `vulns`
--
ALTER TABLE `vulns`
MODIFY `id` int(4) NOT NULL AUTO_INCREMENT;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;

grüße gehen raus an 404


  • DR.zydz und B1nary gefällt das
Alle Angaben und Informationen dienen lediglich der Theorie!

#2
DR.zydz

DR.zydz

    Altes Haus

  • Elite Member
  • Likes
    233
  • 258 Beiträge
  • 429 Bedankt
  • 631033078
  • Android [root]
  • Windows, Linux

Haha geil :D

Habe das auch noch auf meiner Platte aber mich nicht getraut das zu posten.


Dzu5d.jpg

 

DHHC


#3
B1nary

B1nary

    Samurai

  • Elite Member
  • Likes
    489
  • 506 Beiträge
  • 346 Bedankt

grüße gehen raus an 404

 

Schade, dass er off ist - zumindest unter den mir von damals noch bekannten Nicknames...


  • Ch!ller gefällt das



  Thema Forum Themenstarter Statistik Letzter Beitrag

Besucher die dieses Thema lesen:

Mitglieder: , Gäste: , unsichtbare Mitglieder:


This topic has been visited by 1 user(s)


    kiwitone
Die besten Hacking Tools zum downloaden : Released, Leaked, Cracked. Größte deutschsprachige Hacker Sammlung.